CA to announce, but not ship, security app

Looking to simplify the lives of IT security administrators, Computer Associates International Inc. this week is expected to announce a portal-based console that will combine multiple security management user interfaces into one screen.

Plans for the console, dubbed the eTrust Security Command Center, were divulged by CA officials last February and discussed at the CA World user conference held in April.

But it’s still not ready for shipment. CA is looking for beta sites to start testing the software next month, and it plans a general release sometime early next year.

Once the application is available, it will be able to take data feeds from different security software products and either send alerts to IT staffers or respond to problems automatically, said Russell Artzt, executive vice-president of alliances and eTrust solutions at CA.

“We have taken Command Center as a centralized location for dealing with all sorts of security violations,” Artzt said. For example, he said, an IT security administrator will be able to view end-user access violations in one window on the console while other windows display things such as firewall activity and potential system vulnerabilities.

To expand the console’s usefulness with non-CA security tools, Artzt said the Islandia, N.Y.-based company is partnering with other security vendors to create connectors for sharing data. CA cited deals with four vendors, including firewall developer Check Point Software Technologies Ltd. in Redwood City, Calif.

In concept, the technology promised by CA is appealing, said Karl Jackson, an infrastructure engineer at Brigham Young University (BYU) in Provo, Utah. IT workers at BYU hope to be part of the beta-test program for the security console, he said.

BYU currently uses a handful of CA’s security tools, as well as Cisco Systems Inc.’s virtual private network software. But each product has its own management interface, and Jackson said it’s cumbersome to click through all the screens to check on the status of the university’s systems.

But CA isn’t the only vendor pushing centralized security administration software, said James Hurley, an analyst at Aberdeen Group Inc. in Boston. IBM’s Tivoli network and systems management unit and smaller companies like NetIQ Corp. in San Jose and e-Security Inc. in Rockledge, Fla., already offer security console products, he said.

The centralized management being provided by the different vendors “is long overdue,” Hurley said. “The biggest problem we run into is most buyers don’t have the staff to handle the complexities of the IT infrastructures they have.”

CA plans to support a variety of automated responses in its console, according to Artzt. CA hasn’t set pricing yet.